24 matches found
EUVD-2023-12516
Malicious code in bioql PyPI...
EUVD-2023-27662
Malicious code in bioql PyPI...
RHEL 7 / 8 : Satellite 6.11.5.6 async (RHSA-2023:5980)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5980 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessit...
Satellite/Foreman: Arbitrary code execution through yaml global parameters
An arbitrary code execution flaw was found in Foreman. This issue may allow an admin user to execute arbitrary code on the underlying operating system by setting global parameters with a YAML payload...
Satellite/Foreman: Arbitrary code execution through yaml global parameters
An arbitrary code execution flaw was found in Foreman. This issue may allow an admin user to execute arbitrary code on the underlying operating system by setting global parameters with a YAML payload...
Satellite/Foreman: Arbitrary code execution through yaml global parameters
An arbitrary code execution flaw was found in Foreman. This issue may allow an admin user to execute arbitrary code on the underlying operating system by setting global parameters with a YAML payload...
CVE-2023-0462
An arbitrary code execution flaw was found in Foreman. This issue may allow an admin user to execute arbitrary code on the underlying operating system by setting global parameters with a YAML payload...
CVE-2023-0462
An arbitrary code execution flaw was found in Foreman. This issue may allow an admin user to execute arbitrary code on the underlying operating system by setting global parameters with a YAML payload...
Code injection
An arbitrary code execution flaw was found in Foreman. This issue may allow an admin user to execute arbitrary code on the underlying operating system by setting global parameters with a YAML payload...
CVE-2023-0462 Arbitrary code execution through yaml global parameters
An arbitrary code execution flaw was found in Foreman. This issue may allow an admin user to execute arbitrary code on the underlying operating system by setting global parameters with a YAML payload...
CVE-2023-23562
Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access Control that allows an authenticated user can update global parameters...
CVE-2023-23562
Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access Control that allows an authenticated user can update global parameters...
Design/Logic Flaw
Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access Control that allows an authenticated user can update global parameters...
CVE-2023-23562
CVE-2023-23562 affects Stormshield Endpoint Security versions 2.3.0 through 2.3.2. The underlying issue is an Incorrect Access Control that allows an authenticated user to update global parameters. Documents consistently describe the vulnerability without providing a confirmed remediation in the ...
CVE-2023-23562
Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access Control that allows an authenticated user can update global parameters...
Stormshield Endpoint Security 安全漏洞
Stormshield Endpoint Security is a product line of enhanced workstation and server security from the French company Stormshield. A security vulnerability exists in Stormshield Endpoint Security versions 2.3.0 through 2.3.2 that stems from incorrect access control. An attacker could exploit the...
PT-2023-19042 · Stormshield · Stormshield Endpoint Security
Name of the Vulnerable Software and Affected Versions: Stormshield Endpoint Security versions 2.3.0 through 2.3.2 Description: The issue is related to Incorrect Access Control, allowing an authenticated user to update global parameters. Recommendations: For Stormshield Endpoint Security versions...
CVE-2023-0462
An arbitrary code execution flaw was found in Foreman. This issue may allow an admin user to execute arbitrary code on the underlying operating system by setting global parameters with a YAML payload...
Foreman 代码注入漏洞
Foreman is a set of lifecycle management tools for use in physical and virtual servers. The tool provides service provisioning, configuration management, and status reporting. A security vulnerability exists in Foreman that originates from allowing an administrator user to set global parameters...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in information popups in Foreman before 1.10.0 allow remote attackers to inject arbitrary web script or HTML via 1 global parameters, 2 smart class parameters, or 3 smart variables in the a host or b hostgroup edit forms...